This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Austal

Summary

Austal, Australia's largest defence exporter and shipbuilder, suffered a cyber attack in October 2018 that breached the company's data management systems. The attackers accessed commercial and operational data and subsequently attempted to extort the company by offering stolen information for sale. As a major contractor to the Australian and United States defence forces, the breach raised serious national security concerns.

What Happened

Cyber criminals successfully breached Austal's data management systems, gaining access to commercial and operational information. The company detected the intrusion through its cybersecurity monitoring systems. Following the breach, the attackers contacted Austal and attempted extortion, offering to sell the stolen data. The breach affected systems containing information related to the company's defence shipbuilding operations, employee records, and commercial data. The exact method of initial access was not publicly disclosed, but the attack demonstrated significant capability to penetrate a defence contractor's systems.

Impact on Individuals

While Austal did not disclose specific numbers of affected individuals, the breach potentially compromised:

  • Employee information: Staff working on sensitive defence projects
  • Contractor data: Personnel from partnering organisations
  • Commercial contacts: Business relationships and communications
  • Defence project information: Details related to Australian and US Navy contracts

The primary concern was not mass consumer data exposure but rather the targeted nature of the attack on a defence contractor and the potential for:

  • Exposure of personnel working on classified or sensitive defence projects
  • Compromise of commercial relationships
  • National security implications from stolen defence-related information

Organisational Response

Austal responded immediately to the breach:

  • Activated incident response protocols and engaged cybersecurity specialists
  • Notified the Australian Cyber Security Centre and law enforcement
  • Refused to pay the extortion demand
  • Conducted comprehensive security reviews of systems
  • Implemented enhanced security measures across IT infrastructure
  • Coordinated with Australian and US defence authorities given the company's role as a defence contractor

The company publicly stated it would not negotiate with extortionists and worked closely with authorities to investigate the incident.

National Security Implications

The breach highlighted vulnerabilities in Australia's defence industrial base. As Austal builds warships for the Royal Australian Navy and US Navy, including the Littoral Combat Ship program, the attack raised concerns about:

  • Protection of sensitive defence contractor data
  • Supply chain security for defence projects
  • Nation-state or sophisticated criminal targeting of defence industries

The incident contributed to broader policy discussions about cybersecurity requirements for defence contractors and critical infrastructure protection.

Verification Source: View original statement